1K
1Kosmos
Developers
Developer Platform

Build identity into everything.

1Kosmos unifies identity proofing, passwordless authentication and authorization on a privacy-by-design distributed ledger. Nineteen composable APIs to verify who someone is, let them prove it without a password, and govern what they can do — across workforce and customer journeys.

#1 in Workforce IDV — Gartner® 2025KuppingerCole® Passwordless Leader 2026NIST 800-63-3FIDO2 CertifiediBeta PAD Level 2
The APIs

19 composable services on the 1Kosmos platform — 660 endpoints in all. Each is a signed REST API with a full reference, code samples and a downloadable OpenAPI spec.

Identity Verification

Prove who someone really is.
Identity Verification

DocuVerify

Verify government-issued documents and match a live selfie to an ID — indisputable proof of identity at onboarding, in one signed API.

23 endpointsReference
Identity Proofing

ID Proofing

Orchestrate end-to-end identity-proofing sessions from reusable templates.

33 endpointsReference

Credentials & Wallet

Issue and hold user-controlled credentials.
Verifiable Credentials

Verifiable Credentials

Issue and verify W3C verifiable credentials, held by the user.

25 endpointsReference
Identity Wallet

Wallet

Provision and manage user-controlled digital identity wallets.

19 endpointsReference

Authentication

Sign in without passwords.
Passwordless Authentication

Authn

Non-phishable, passwordless authentication — biometrics, OTP, push and journeys, federated over OIDC and SAML.

59 endpointsReference
FIDO2 / WebAuthn

WebAuthn

FIDO2 / WebAuthn passkey registration and authentication.

21 endpointsReference
OAuth 2.0 / OIDC

OAuth 2.0

Standards-based OAuth 2.0 / OpenID Connect — authorize, token, introspect.

14 endpointsReference

Authorization & Policy

Decide what each identity may do.
Authorization

AuthZ

Govern what an authenticated identity is allowed to do — roles, fine-grained permissions and real-time decisions.

20 endpointsReference
Policy Rules

Rules Engine

Define and evaluate the policy rules behind identity decisions.

14 endpointsReference

Users & Sessions

Manage identities and their sessions.
User Management

User Management

The system of record for users — attributes, passkeys, factors and policy.

63 endpointsReference
Admin Backend

Admin API

The control plane behind AdminX — manage users, communities, authentication modules, providers and policy across your tenant.

233 endpointsReference
Session Management

Sessions

Coordinate authentication sessions across devices — the backbone of QR-code and push-to-mobile login.

12 endpointsReference

Orchestration & Events

Automate journeys and observe activity.
Orchestration

Workflows

Define and run identity-orchestration workflows, end to end.

33 endpointsReference
Event Stream

Events

Subscribe to and query identity events across your tenant.

8 endpointsReference
Webhooks

Webhooks

Deliver signed platform-event callbacks to your endpoints.

12 endpointsReference

Platform Services

The supporting fabric every service shares.
Configuration & Consent

Config & Consent

Centralized tenant configuration, secrets and consent management.

20 endpointsReference
License Management

Licensing

Issue, authorize and rotate the license keys behind every service.

14 endpointsReference
Reporting

Reports

Pull tenant transaction reports and downloadable exports.

27 endpointsReference
Conversational

Chat

Embed identity-aware conversational and chatbot experiences.

10 endpointsReference
How it fits together

A typical integration moves an identity from unknown to trusted, then keeps it that way.

01

Verify

Prove a real person is who they claim with DocuVerify — document authenticity plus a live selfie.

02

Authenticate

Issue a non-phishable credential and let users sign in passwordlessly with Authn.

03

Authorize

Govern what each identity can do with roles and fine-grained permissions in AuthZ.

04

Operate

Coordinate cross-device login with Sessions and manage everything through the Admin API.

Authentication model

Every 1Kosmos service authenticates the same way: ECDSA key-pair signing over HTTPS. You hold a public/private key pair and a license key; sensitive payloads are signed so they can't be tampered with in transit. Your private key never leaves your environment.

© 2026 1Kosmos, Inc. · Developer Platform Identity verification · Passwordless authentication · Authorization